ITIL Asset and Configuration

Management in the Cloud

January 2016
Amazon Web Services ITIL Asset and Configuration Management in the Cloud January 2016

2016, Amazon Web Services, Inc. or its affiliates. All rights reserved.

Notices
This document is provided for informational purposes only. It represents AWSs
current product offerings and practices as of the date of issue of this document,
which are subject to change without notice. Customers are responsible for
making their own independent assessment of the information in this document
and any use of AWSs products or services, each of which is provided as is
without warranty of any kind, whether express or implied. This document does
not create any warranties, representations, contractual commitments, conditions
or assurances from AWS, its affiliates, suppliers or licensors. The responsibilities
and liabilities of AWS to its customers are controlled by AWS agreements, and
this document is not part of, nor does it modify, any agreement between AWS
and its customers.

Page 2 of 13
Amazon Web Services ITIL Asset and Configuration Management in the Cloud January 2016

Contents
Abstract 3
Introduction 3
What Is ITIL? 4
AWS Cloud Adoption Framework 5
Asset and Configuration Management in the Cloud 6
Asset and Configuration Management and AWS CAF 8
Impact on Financial Management 9
Creating a Configuration Management Database 10
Managing the Configuration Lifecycle in the Cloud 12
Conclusion 13
Contributors 13

Abstract
Cloud initiatives require more than just the right technology. They also must be
supported by organizational changes, such as people and process changes. This
paper is intended for IT service management (ITSM) professionals who are
supporting a hybrid cloud environment that leverages AWS. It outlines best
practices for asset and configuration management, a key area in the IT
Infrastructure Library (ITIL), on the AWS cloud platform.

Introduction
Leveraging the experiences of enterprise customers who have successfully
integrated their cloud strategy with their IT Infrastructure Library (ITIL)-based
service management practices, this paper will cover:

Asset and Configuration Management in ITIL

AWS Cloud Adoption Framework (AWS CAF)

Page 3 of 13
Amazon Web Services ITIL Asset and Configuration Management in the Cloud January 2016

Cloud-specific Asset and Configuration Management best practices

like creating a configuration management database

What Is ITIL?
The framework managed by AXELOS Limited defines a commonly used, best
practice approach to IT service management (ITSM). Although it builds on
ISO/IEC 20000, which provides a formal and universal standard for
organizations seeking to have their ITSM capabilities audited and certified,1
ITIL goes one step further to propose operational processes required to deliver
the standard.

ITIL is composed of five volumes that describe the ITSM lifecycle, as defined by
AXELOS:

Service Strategy Understands organizational objectives and customer needs.

Service Design Turns the service strategy into a plan for delivering the business
objectives.
Service Transition Develops and improves capabilities for introducing new services into
supported environments.
Service Operation Manages services in supported environments.
Continual Service Achieves incremental and large-scale improvements to services.
Improvement

Each volume addresses the capabilities that enterprises must have in place. Asset
and Configuration Management is one of the chapters in the Service Transition
volume. For more information, see the Axelos website.

1 ITIL Service Operation Publication, AXELOS, 2007, page 5

Page 4 of 13
Amazon Web Services ITIL Asset and Configuration Management in the Cloud January 2016

AWS Cloud Adoption Framework

AWS CAF is used to help enterprises modernize ITSM practices so that they can
take advantage of the agility, security, and cost benefits afforded by public or
hybrid clouds.

ITIL and AWS CAF are compatible. Like ITIL, AWS CAF organizes and describes
all of the activities and processes involved in planning, creating, managing, and
supporting modern IT services. It offers practical guidance and comprehensive
guidelines for establishing, developing, and running cloud-based IT capabilities.

AWS CAF is built on seven perspectives:

People Selecting and training IT personnel with appropriate skills, defining

and empowering delivery teams with accountabilities and service-
level agreements.
Process Managing programs and projects to be on time, on target, and
within budget while keeping risks at acceptable levels.
Security Applying a comprehensive and rigorous method for describing the
structure and behavior for an organizations security processes,
systems, and personnel.
Business Identifying, analyzing, and measuring the effectiveness of IT
investments.
Maturity Analyzing, defining, and anticipating demand for and acceptance of
planned IT capabilities and services.
Platform Defining and describing core architectural principles, standards, and
patterns that are required for optimal IT capabilities and services.
Operations Transitioning, operating, and optimizing the hybrid IT environment,
enabling efficient and automated IT service management.

AWS CAF is an important supplement to enterprise ITSM frameworks used today

because it provides enterprises with practical operational advice for
implementing and operating ITSM in a cloud-based IT infrastructure. For more
information, see AWS Cloud Adoption Framework.

Page 5 of 13
Amazon Web Services ITIL Asset and Configuration Management in the Cloud January 2016

Asset and Configuration Management in the

Cloud
In practice, asset and configuration management aligns very closely to other ITIL
processes, such as incident management, change management, problem
management, or service-level management.

ITIL defines an asset as any resource or capability that could contribute to the
delivery of a service.

Examples of assets include:

virtual or physical storage

virtual or physical servers

a software license

undocumented information known to internal team members

ITIL defines configuration items as an asset that needs to be managed in order

to deliver an IT service. All configuration items are assets, but many assets are
not configuration items. Examples of configuration items include a virtual or
physical server or a software license. Every configuration item should be under
the control of change management.

The goals of asset and configuration management are to:

Support ITIL processes by providing accurate configuration information to

assist decision making (for example, the authorization of changes, the
planning of releases) and to help resolve incidents and problems faster.

Minimize the number of quality and compliance issues caused by incorrect

or inaccurate configuration of services and assets.

Define and control the components of services and infrastructure and

maintain accurate configuration information on the historical, planned,
and current state of the services and infrastructure.

The value to business is:

Page 6 of 13
Amazon Web Services ITIL Asset and Configuration Management in the Cloud January 2016

Optimization of the performance of assets improves the performance of the

service overall. For example, it mitigates risks caused by service outages
and failed licensing audits.

Asset and configuration management provides an accurate representation

of a service, release, or environment, which enables:

Better planning of changes and releases.

Improved incident and problem resolution.
Meeting service levels and warranties.
Better adherence to standards and legal and regulatory obligations
(fewer non-conformances).
Traceable changes.
The ability to identify the costs for a service.

The following diagram from AXELOS shows there are elements in asset and
configuration management that directly relate to elements in change
management. Asset and configuration management underpins change
management. Without it, the business is subject to increased risk and
uncertainty.

Page 7 of 13
Amazon Web Services ITIL Asset and Configuration Management in the Cloud January 2016

Copyright AXELOS Limited 2011. All rights reserved. Material is reproduced under license
from AXELOS

Figure 1: Asset and Configuration Management in ITIL

Asset and Configuration Management and AWS CAF

As with most specifications covered in the Service Transition volume of ITIL,
asset and configuration management falls into the Cloud Service Management
function of the AWS CAF Operations perspective.

People and process changes should be supported by a cloud governance forum or

Center of Excellence whose role is to use AWS CAF to manage through the
transition. From the perspective of ITSM, your operations should certainly have a
seat at the table.

As shown in Figure 2, AWS CAF accounts for the management of assets and
configuration items in a hybrid environment. Information can come from the on-
premises environment or any number of cloud providers (private or public).

Page 8 of 13
Amazon Web Services ITIL Asset and Configuration Management in the Cloud January 2016

Figure 2: AWS CAF Integration

Impact on Financial Management

One of the most important aspects of asset management is to ensure data is
available for these financial management processes:

Capitalization and depreciation

Software license management

Compliance requirements

These activities typically require comprehensive asset lifecycle management

processes, which take significant cost and effort. One of the benefits of moving IT
to the cloud is that the financial nature of the transaction moves from a capital
expenditure (CAPEX) to an operating expenditure (OPEX). You can do away with
the large capital outlays (for example, a server refresh) that require months of
planning as well as amortization and depreciation.

Page 9 of 13
Amazon Web Services ITIL Asset and Configuration Management in the Cloud January 2016

Creating a Configuration Management Database

A configuration management database (CMDB) is used by IT to track and
manage its resources. The CMDB presents a logical model of the enterprise
infrastructure to give IT more control over the environment and facilitate
decision-making. At a minimum, a CMDB contains the following:

Configuration item (CI) records with all associated attributes captured.

A relationship model between different CIs.

A history of all service impacts in the form of incidents, changes, and

problems.

In a traditional IT setup, the goals of establishing a CMDB are met through the
process of:

Discovery tools used to create a record of existing CIs.

Comprehensive change management processes to keep track of creation

and updates to CIs.

Integration of incident and problem management data with impacted CIs

with ITSM workflow tools like BMC, Hewlett-Packard, or ServiceNow.

These processes and tools in turn help organizations better understand the IT
environment by providing insight into not only the impact of incidents, problems,
and changes, but also financial resources, service availability, and capacity
management.

There are some challenges to creating a CMDB for cloud resources due to:

The inherent dynamic nature of cloud resource provisioning, where

resources can be created or terminated through predefined business
policies or application architecture elements like auto scaling.

The difficulty of capturing cloud resources data in a format that can be

imported and maintained in a single system of record for all enterprise CIs.

A prevalence of shadow IT organizations that makes information sharing

and even manual consolidation of enterprise IT assets and CIs difficult.

Page 10 of 13
Amazon Web Services ITIL Asset and Configuration Management in the Cloud January 2016

Configuration Management Inventory for Cloud Resources

There are two logical approaches AWS customers can take to create a CMDB for
cloud resources:

Figure 3: Options for Enterprise CMDB Systems

AWS Config helps customers manage their CIs in the cloud. AWS Config provides
a detailed view of the configuration of AWS resources in an AWS account. With
AWS Config, customers can do the following:

Get a snapshot of all the supported resources associated with an AWS

account at any point in time.

Retrieve the configurations of the resources.

Retrieve historical configurations of the resources.

Receive a notification whenever a resource is created, modified, or deleted.

View relationships between resources.

This information is important to any IT organization for CI discovery and

recording, change tracking, audit and compliance, and security incident analysis.

Page 11 of 13
Amazon Web Services ITIL Asset and Configuration Management in the Cloud January 2016

Customers can access this information from the AWS Config console or
programmatically extract it into their CMDBs.

As an example of the potential for integration with legacy systems, ServiceNow

the platform-as-a-service (PaaS) provider of enterprise service management
software, is now integrated with AWS Config. This means ServiceNow users can
leverage Option 1 shown in Figure 3.

Managing the Configuration Lifecycle in the Cloud

One of the goals of service asset and configuration management is to manage the
CI lifecycle and track and record all changes. One of the key aspects of the cloud
is a much tighter integration of the software and infrastructure configuration
lifecycles. This section covers aspects of configuration lifecycle management
across instance, stacks, and applications:

Instance creation templates: Every IT organization has security and

compliance standards for instances introduced into its IT environments.
Amazon Machine Images (AMIs) are a robust way of standardizing
instance creation. Users can opt for AWS- or third-party-provided
predefined AMIs or define custom AMIs. If you create AMI templates for
instance provisioning you can define instance configuration and
environmental add-ins in a predefined and programmatic manner. A
typical custom AMI might prescribe the base OS version and associated
security, monitoring, and configuration management agents.
Instance lifecycle management: For every instance or resource created
in an IT environment, there are multiple lifecycle management activities
that must be performed. Some of the standard tasks are patch
management, hardening policies, version upgrades, environment variable
changes, and so on. These activities can be performed manually, but most
IT organizations use robust configuration management tools like Chef,
Puppet, and System Center Configuration Manager to perform these tasks.
AWS allows easy integration with these tools to ensure a consistent
enterprise configuration management approach.

Environment provisioning templates: AWS CloudFormation is useful

for provisioning end-to-end environments (also referred to as stacks) in a

Page 12 of 13
Amazon Web Services ITIL Asset and Configuration Management in the Cloud January 2016

consistent and repeatable fashion, without actually provisioning each

component individually. You dont need to figure out the order for
provisioning AWS services or the subtleties of making those dependencies
work. AWS CloudFormation takes care of this for you. You can use a
template to create identical copies of the same stack without effort or
errors. Templates are simple JSON-formatted text files that can be held
securely leveraging your current source control mechanisms.

Application configuration and lifecycle management: In todays

world of agile development, development teams leverage continuous
integration and continuous delivery best practices. AWS provides seamless
integration with tools like Jenkins (CI) and Github for code management
and deployment. Services like AWS CodePipeline, AWS CodeDeploy, and
AWS CodeCommit can be used to manage the application lifecycle.

Conclusion
Service asset and configuration management processes consist of critical
activities for the provisioning and maintenance of the health of IT systems.
Consistent management of configuration items through their lifecycle leads to
efficient and effective system health and performance. AWS enables best
practices across every level of resource in an application stack. With the tools,
automations, and integration available on the AWS platform, IT organizations
can achieve significant productivity gains. Successful implementation and
execution of service asset and configuration management processes should be
seen as a shared responsibility that can be achieved through the right
commitment by IT organizations, enabled by the AWS platform.

Contributors
The following individuals contributed to this document:

Darren Thayre, Transformation Consultant, AWS Professional Services

Anindo Sengupta, Chief Operating Officer, Minjar Cloud Solutions

Page 13 of 13